私たちはgradleに切り替えようとしています。すべて正常に動作しますが、pkcs#11 トークンに存在するクライアント証明書でのみアクセスできる内部リポジトリに問題があります。
Maven では、次のような .mavenrc ファイルがありました。
#!/bin/bash
MAVEN_OPTS=" $MAVEN_OPTS \
-Djava.security.debug=sunpkcs11 \
-Djavax.net.ssl.trustStore=NONE \
-Djavax.net.ssl.trustStoreType=pkcs11 \
-Djavax.net.ssl.keyStore=NONE \
-Djavax.net.ssl.keyStoreType=pkcs11 \
"
だから私はこれらのJavaオプションを最初にgradlewラッパースクリプトに入れました:
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
DEFAULT_JVM_OPTS=" \
-Djava.security.debug=sunpkcs11 \
-Djavax.net.ssl.trustStore=NONE \
-Djavax.net.ssl.trustStoreType=pkcs11 \
-Djavax.net.ssl.keyStore=NONE \
-Djavax.net.ssl.keyStoreType=pkcs11 \
"
./gradlew build を実行すると、トークンの PIN を要求されますが、アーティファクトの要求は 401 で失敗します。サーバーにクライアント証明書が届きません。
$ ./gradlew --stacktrace compileJava
:compileJava
SunPKCS11 loading /etc/opensc/opensc-java.cfg
sunpkcs11: Initializing PKCS#11 library /usr/lib/opensc-pkcs11.so
Information for provider SunPKCS11-OpenSC
[lots of debugging infos from sub pkcs11]
sunpkcs11: getting provider callback handler
sunpkcs11: getting default callback handler
[ entering PIN ]
sunpkcs11: login succeeded
sunpkcs11: user already logged in
sunpkcs11: user already logged in
sunpkcs11: user already logged in
sunpkcs11: user already logged in
FAILURE: Build failed with an exception.
* What went wrong:
Could not resolve all dependencies for configuration ':compile'.
> Could not resolve group: ....
Required by: ...
> Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
> Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
* Try:
Run with --info or --debug option to get more log output.
* Exception is:
[...]
Caused by: org.gradle.api.UncheckedIOException: Could not GET 'https://nexus/PATH...'. Received status code 401 from server: Authorization Required
at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.processHttpRequest(HttpResourceCollection.java:145)
at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.initGet(HttpResourceCollection.java:121)
at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.getResource(HttpResourceCollection.java:81)
at org.gradle.api.internal.artifacts.repositories.transport.http.HttpResourceCollection.getResource(HttpResourceCollection.java:54)
at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.getResource(ResourceCollectionResolver.java:304)
at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findStaticResourceUsingPattern(ResourceCollectionResolver.java:248)
at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findResourceUsingPattern(ResourceCollectionResolver.java:234)
at org.gradle.api.internal.artifacts.repositories.ResourceCollectionResolver.findResourceUsingPatterns(ResourceCollectionResolver.java:136)
at org.gradle.api.internal.artifacts.repositories.MavenResolver.findIvyFileRef(MavenResolver.java:117)
at org.apache.ivy.plugins.resolver.BasicResolver.getDependency(BasicResolver.java:223)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.DependencyResolverAdapter.getDependency(DependencyResolverAdapter.java:84)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository$1.create(CacheLockingModuleVersionRepository.java:53)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository$1.create(CacheLockingModuleVersionRepository.java:51)
at org.gradle.cache.internal.DefaultCacheAccess.longRunningOperation(DefaultCacheAccess.java:172)
at org.gradle.cache.internal.DefaultPersistentDirectoryStore.longRunningOperation(DefaultPersistentDirectoryStore.java:107)
at org.gradle.api.internal.artifacts.ivyservice.DefaultCacheLockingManager.longRunningOperation(DefaultCacheLockingManager.java:57)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CacheLockingModuleVersionRepository.getDependency(CacheLockingModuleVersionRepository.java:51)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.resolveModule(CachingModuleVersionRepository.java:150)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.findModule(CachingModuleVersionRepository.java:88)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.CachingModuleVersionRepository.getDependency(CachingModuleVersionRepository.java:79)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.IvyContextualiser$1.invoke(IvyContextualiser.java:44)
at $Proxy34.getDependency(Unknown Source)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.UserResolverChain.findLatestModule(UserResolverChain.java:71)
at org.gradle.api.internal.artifacts.ivyservice.ivyresolve.UserResolverChain.resolve(UserResolverChain.java:52)
... 91 more
gradle (groovy) は PIN を要求するため、標準の Java ssl プロパティをサポートしているようですが、成功しません。
次のような単純な Java クラスで実行すると、すべて正常に動作します。
java URL url = new URL("...");
InputStreamReader is = new InputStreamReader(url.openStream());
BufferedReader in = new BufferedReader(is);
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
このように呼び出すとうまくいきます:
java -Djava.security.debug=sunpkcs11 -Djavax.net.ssl.trustStore=NONE -Djavax.net.ssl.trustStoreType=pkcs11 -Djavax.net.ssl.keyStore=NONE -Djavax.net.ssl.keyStoreType=pkcs11 jget/JGet
ssl.keyStoreType=pkcs11\"
これは私のbuild.gradleです
task wrapper(type: Wrapper) { gradleVersion = "1.0-milestone-9" }
apply plugin: "java"
repositories { maven { url "https://developer/nexus/content/repositories/thirdparty" } }
dependencies { compile "org.projectx:tools:1.0" }
誰でも私を助けることができますか?